Hi all, On 14-04-2019 22:57, Joerg Jaspert wrote: > On 15372 March 1977, Paul Gevers wrote: >> b) If the access is indeed set-upped via IP whitelisting, than I have >> the following concern. We are currently running 12 amd64 workers in the >> AWS framework. I am typically recreating workers after 60 to 90 days as >> we are having issues with them after a while. This means they get new IP >> addresses. Would that be a problem? Soon I hope to also have arm64 >> workers from another platform available. I expect similar issues there. > > Thats bad, as yes, it is entirely via IP. Thanks to Pavit, our GSOC intern of the past season, we nearly have all the pieces in place to support the security team to run autopkgtest on embargoed uploads on the ci.debian.net infrastructure. We plan to have one stable node work as a proxy for the workers that need the packages from the embargoed archive. Apart from adding our broker node IP to the list of accepted IPs and sharing from your side what the URL of the embargoed archive is (can be shared in private if preferred, obviously) are there any other considerations from you that we need to take into account to make this happen? The remaining items tracker here: https://salsa.debian.org/groups/ci-team/-/milestones/1 Paul
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature